On April 7, 2014 a vulnerability (CVE-2014-0160, also known as â€œHeartbleedâ€) was released that could allow attackers to view sensitive information in a serverâ€™s memory such as secret keys and passwords.

On April 7, 2014 a vulnerability (CVE-2014-0160, also known as “Heartbleed”) was released that could allow attackers to view sensitive information in a server’s memory such as secret keys and passwords. Given the severity of this problem, we has taken the necessary steps to keep our customers and their information safe from potential attacks.

Am I Vulnerable?Since Heartbleed has been in the wild for over a year, servers could have been compromised for some time. This vulnerability exposes a system to attackers who may extract information without leaving a trace of malicious activity.A tool has been published that allows administrators to test the vulnerability of their system. If your site has an SSL certificate, go to the Heartbleed test page, enter your website URL, and run the vulnerability test. The source of this tool can be found on GitHub. Please note a passing score does not mean your system isn’t vulnerable in another way. Software that was compiled against the old library will need to be recompiled.